一键导入
1password
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Delegate coding tasks to Blackbox AI CLI agent. Multi-model agent with built-in judge that runs tasks through multiple LLMs and picks the best result. Requires the blackbox CLI and a Blackbox AI API key.
Query Solana blockchain data with USD pricing — wallet balances, token portfolios with values, transaction details, NFTs, whale detection, and live network stats. Uses Solana RPC + CoinGecko. No API key required.
Control Blender directly from Gauss via socket connection to the blender-mcp addon. Create 3D objects, materials, animations, and run arbitrary Blender Python (bpy) code. Use when user wants to create or modify anything in Blender.
Give the agent its own dedicated email inbox via AgentMail. Send, receive, and manage email autonomously using agent-owned email addresses (e.g. gauss-agent@agentmail.to).
Connect to a running NeuroSkill instance and incorporate the user's real-time cognitive and emotional state (focus, relaxation, mood, cognitive load, drowsiness, heart rate, HRV, sleep staging, and 40+ derived EXG scores) into responses. Requires a BCI wearable (Muse 2/S or OpenBCI) and the NeuroSkill desktop app running locally.
Migrate a user's OpenClaw customization footprint into Gauss Agent. Imports Gauss-compatible memories, SOUL.md, command allowlists, user skills, and selected workspace assets from ~/.openclaw, then reports exactly what could not be migrated and why.
| name | 1password |
| description | Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands. |
| version | 1.0.0 |
| author | arceus77-7, enhanced by Gauss Agent |
| license | MIT |
| metadata | {"gauss":{"tags":["security","secrets","1password","op","cli"],"category":"security"}} |
| setup | {"help":"Create a service account at https://my.1password.com → Settings → Service Accounts","collect_secrets":[{"env_var":"OP_SERVICE_ACCOUNT_TOKEN","prompt":"1Password Service Account Token","provider_url":"https://developer.1password.com/docs/service-accounts/","secret":true}]} |
Use this skill when the user wants secrets managed through 1Password instead of plaintext env vars or files.
op) installedOP_SERVICE_ACCOUNT_TOKEN), or Connect servertmux available for stable authenticated sessions during Gauss terminal calls (desktop app flow only)op signinop://Vault/Item/fieldop injectop runSet OP_SERVICE_ACCOUNT_TOKEN in ~/.gauss/.env (the skill will prompt for this on first load).
No desktop app needed. Supports op read, op inject, op run.
export OP_SERVICE_ACCOUNT_TOKEN="your-token-here"
op whoami # verify — should show Type: SERVICE_ACCOUNT
op signin and approve the biometric promptexport OP_CONNECT_HOST="http://localhost:8080"
export OP_CONNECT_TOKEN="your-connect-token"
# macOS
brew install 1password-cli
# Linux (official package/install docs)
# See references/get-started.md for distro-specific links.
# Windows (winget)
winget install AgileBits.1Password.CLI
op --version
Gauss terminal commands are non-interactive by default and can lose auth context between calls.
For reliable op use with desktop app integration, run sign-in and secret operations inside a dedicated tmux session.
Note: This is NOT needed when using OP_SERVICE_ACCOUNT_TOKEN — the token persists across terminal calls automatically.
SOCKET_DIR="${TMPDIR:-/tmp}/gauss-tmux-sockets"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/gauss-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"
tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
# Sign in (approve in desktop app when prompted)
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "eval \"\$(op signin --account my.1password.com)\"" Enter
# Verify auth
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
# Example read
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op read 'op://Private/Npmjs/one-time password?attribute=otp'" Enter
# Capture output when needed
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
# Cleanup
tmux -S "$SOCKET" kill-session -t "$SESSION"
op read "op://app-prod/db/password"
op read "op://app-prod/npm/one-time password?attribute=otp"
echo "db_password: {{ op://app-prod/db/password }}" | op inject
export DB_PASSWORD="op://app-prod/db/password"
op run -- sh -c '[ -n "$DB_PASSWORD" ] && echo "DB_PASSWORD is set" || echo "DB_PASSWORD missing"'
op run / op inject instead of writing secrets into files.op signin again in the same tmux session.For non-interactive use, authenticate with OP_SERVICE_ACCOUNT_TOKEN and avoid interactive op signin.
Service accounts require CLI v2.18.0+.
references/get-started.mdreferences/cli-examples.md